“Kaspersky’s laboratory”, the Russian developer of systems for protection against viruses, trojan programs and a spam, informs on detection of the first nocuous program for the mobile phones, capable to execute Java-appendices (J2ME).
The Trojan spreads in the guise of a J2ME application “RedBrowser”, which promise to enable the user to visit WAP sites without using a GPRS connection. Trojan’s author says , that it is realized by sending and reception of free-of-charge SMS-messages. Actually the Trojan sends SMSs to some premium paid mobile services, at a rate of $5 – $6 per each of such a messege.
Trojan program has received name Trojan-SMS.J2ME.RedBrowser.a (by classification of virus analysts of the company).
The Trojan is a J2ME application, may be called “redbrowser.jar”, and is 54482 bytes in size.
The Trojan can be downloaded and installed to the victim device either via the Internet (from a WAP site) or via Bluetooth or from PC.
The Jar-archive contains :
* FS.class – auxiliary file (2719 bytes in size)
* FW.class – auxiliary file (2664 bytes in size)
* icon.png – graphics file (3165 bytes in size)
* logo101.png – graphics file (16829 bytes in size)
* logo128.pnh – graphics file (27375 bytes in size)
* M.class – interface file (5339 bytes in size)
* SM.class – Trojan application which sends SMS messages (1945 bytes in size)
The user is able to remove this trojan by using the standard “Remove application” utility of his phone.